Audit / Netlink slowness
Steve G
linux_4ever at yahoo.com
Tue Jun 14 13:58:02 UTC 2005
>"su" connects to a NETLINK_AUDIT socket 3 or 4 times.
>Each time it does 2 sendto() + recvfrom() operations,
>with a latency of ~200ms. This adds up to 800ms wasted
>time.
I see a way to get rid of 1 sendto and put it in the error path. This way people
without audit support (which would be rare for this distro) would get the extra
sendto. This would solve the common use problem. You really need audit compiled
in for SE Linux avc messages to be full and complete.
I also see a few *minor* issues in the kernel that might save a couple clock
cycles, but no magic bullet.
-Steve Grubb
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the fedora-devel-list
mailing list